42e56a6309
Add a few arm64-specific configs and classify them into seven new categories , that is, 1. base architecture-dependent options(base.conf) It also includes varient-specific features, like CONFIG_ARM64_PMEM is one ARMv8.2 arichitectural features. 2. crypto-related options(crypto.conf) ARMv8 adds cryptographic instructions that could significantly improve performance on tasks such as AES encryption and SHA1 and SHA256 hashing. 3. device tree related options(dt.conf) The "Open Firmware Device Tree", or simply Device Tree (DT), is a data structure and language for describing hardware, which is commonly used in arm architecture. 4. ARM errata workarounds options(errata.conf) There are many Kconfig entires under "Kernel Features" -> "ARM errata workarounds via the alternatives framework", which provides software workarounds to mitigate systems affected by those erratum. Vendor-specific option will be left to users to decide. 5. pci related options(pci.conf) a simplified pci host controller for mach-virt. 6. serial devices options(serial.conf) CONFIG_SERIAL_OF_PLATFORM is used for all 8250 compatible serial ports that are probed through device tree. 7. rtc related options(rtc.conf) we don't have KVM’s paravirtualized clock and ptp implementation is still under experimental mode, so we need rtc on aarch64. QEMU provides an emulated ARM AMBA PrimeCell PL031 RTC. Fixes: #1004 Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Build Kata Containers Kernel
- Requirements
- Usage
- Setup kernel source code
- Build the kernel
- Install the Kernel in the default path for Kata
- Submit Kernel Changes
- How is it tested
- Contribute
This document explains the steps to build a kernel recommended for use with
Kata Containers. To do this use build-kernel.sh, this script
automates the process to build a kernel for Kata Containers.
Requirements
The build-kernel.sh script requires an installed Golang version matching the
component build requirements.
Usage
$ ./build-kernel.sh -h
Overview:
Build a kernel for Kata Containers
Description: This script is the *ONLY* to build a kernel for development.
Usage:
build-kernel.sh [options] <command> <argument>
Commands:
- setup
- build
- install
Options:
-c <path> : Path to config file to build a the kernel.
-d : Enable bash debug.
-e : Enable experimental kernel.
-f : Enable force generate config when setup.
-g <vendor> : GPU vendor, intel or nvidia.
-h : Display this help.
-k <path> : Path to kernel to build.
-p <path> : Path to a directory with patches to apply to kernel.
-t : Hypervisor_target.
-v : Kernel version to use if kernel path not provided.
Example:
$ ./build-kernel.sh -v 4.19.86 -g nvidia -f -d setup
Note
-v 4.19.86: Specify the guest kernel version.-g nvidia: To build a guest kernel supporting Nvidia GPU.-f: The .config file is forced to be generated even if the kernel directory already exists.-d: Enable bash debug mode.
Setup kernel source code
$ go get -d -u github.com/kata-containers/packaging
$ cd $GOPATH/src/github.com/kata-containers/packaging/kernel
$ ./build-kernel.sh setup
The script ./build-kernel.sh tries to apply the patches from
${GOPATH}/src/github.com/kata-containers/packaging/kernel/patches/ when it
sets up a kernel. If you want to add a source modification, add a patch on this
directory.
The script also adds a kernel config file from
${GOPATH}/src/github.com/kata-containers/packaging/kernel/configs/ to .config
in the kernel source code. You can modify it as needed.
Build the kernel
After the kernel source code is ready, it is possible to build the kernel.
$ ./build-kernel.sh build
Install the Kernel in the default path for Kata
Kata Containers uses some default path to search a kernel to boot. To install
on this path, the following command will install it to the default Kata
containers path (/usr/share/kata-containers/).
$ ./build-kernel.sh install
Submit Kernel Changes
Kata Containers packaging repository holds the kernel configs and patches. The config and patches can work for many versions, but we only test the kernel version defined in the runtime versions file.
For further details, see the kernel configuration documentation.
How is it tested
The Kata Containers CI scripts install the kernel from CI cache job or build from sources.
If the kernel defined in the runtime versions file is built and cached with the latest kernel config and patches, it installs. Otherwise, the kernel is built from source.
The Kata kernel version is a mix of the kernel version defined in the runtime
versions file and the file kata_config_version. This
helps to identify if a kernel build has the latest recommend
configuration.
Example:
# From https://github.com/kata-containers/runtime/blob/master/versions.yaml
$ kernel_version_in_versions_file=4.10.1
# From https://github.com/kata-containers/packaging/blob/master/kernel/kata_config_version
$ kata_config_version=25
$ latest_kernel_version=${kernel_version_in_versions_file}-${kata_config_version}
The resulting version is 4.10.1-25, this helps identify whether or not the kernel configs are up-to-date on a CI version.
Contribute
In order to do Kata Kernel changes. There are places to contribute:
-
Kata runtime versions file: This file points to the recommended versions to be used by Kata. To update the kernel version send a pull request to update that version. The Kata CI will run all the use cases and verify it works.
-
Kata packaging repository. This repository contains all the kernel configs and patches recommended for Kata Containers kernel:
-
If you want to upload one new configuration (new version or architecture specific) make sure the config file name has the following format:
# Format: $ ${arch}_kata_${hypervisor_target}_${major_kernel_version}.x # example: $ arch=x86_64 $ hypervisor_target=kvm $ major_kernel_version=4.19 # Resulting file $ name: x86_64_kata_kvm_4.19.x -
Kernel patches, the CI and packaging scripts will apply all patches in the patches directory.
Note: The kernel version and configuration file live in different locations, which could result in a circular dependency on your (runtime or packaging) PR. In this case, the PR you submit needs to be tested together with a patch from another Kata Containers repository. To do this you have to specify which repository and which pull request it depends on.